Overview

overview

10

Static

static

10

c89ae02ef3...18.exe

windows7-x64

10

c89ae02ef3...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    c89ae02ef3579cc9f123f9bae9776050_JaffaCakes118

  • Size

    43KB

  • MD5

    c89ae02ef3579cc9f123f9bae9776050

  • SHA1

    f37365f7bc653881b4b0ffdf1dfe8ff28561b272

  • SHA256

    627e2b8e17e1d011b6fe60469bfa1eaaf9ae754dfbc0d02aa977b60938136d82

  • SHA512

    ad9c6bd6ad8d80270cf401727aba85d6ecc76f144db5bc83a0f3b7a7591c65cc19113ad709ff2d8beb3f208e30331c3cd10abb961ecd03f96247afc2d0787e2e

  • SSDEEP

    384:qZyqlll4Ruoyvv75V7eAy8uECPEfPY/zAIij+ZsNO3PlpJKkkjh/TzF7pWnf/gre:oZlOIlvv75N3D0cMuXQ/oq/+L

Score
10/10
hackednjrat

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

C2

195.184.211.14:5552

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |Hassan|

Signatures

  • Njrat family
    njrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • c89ae02ef3579cc9f123f9bae9776050_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections